<?php
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//
// DLMan by Shedd Technologies International		  				//
// http://www.dlman.com | info@dlman.com							//
// Copyright 2003 by STI, All rights reserved.						//
// ---------------------------------------------------------------- //
// Usage of this software is governed by the terms of GPL. 	    	//
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//

/*
VeriSign PayFlow Link Processing Module
This module is called every time someone makes a purchase via the 
order system using PayFlow Link.  This code inserts information regarding 
the transaction when it has completed processing and sends email 
communication to the client.
*************************************************
* THIS MODULE HANDLES BOTH PURCHASES & RENEWALS *
*************************************************
*/

require_once("../uis.php");
require_once("../config.php");
require_once("../functions.php");

if ($HTTP_POST_VARS['RESULT'] == "0") {
//////////////////////////////////////////////////////////
	// assign posted variables to local variables
	$txn_id = $HTTP_POST_VARS['PNREF'];
	$custom = $HTTP_POST_VARS['INVOICE'];
	$receiver_email = $HTTP_POST_VARS[''];
	$payment_gross = $HTTP_POST_VARS['AMOUNT'];
	$payer_email = $HTTP_POST_VARS['EMAIL'];
	$delay=true;//trigger variable for problem in payment
	//------------------------------------------------------------------
	//VALIDATE TRANSACTION
		//check that txn_id (UNQIUE TRANSACTION ID) has not been previously processed
		$sql="SELECT * FROM ".$config->dt['transactions']." WHERE txn_id='".$txn_id."'";
		$result=@mysql_query($sql);
		$rows=@mysql_num_rows($result);
		if($rows==0){//if rows = 0, there is no existing txn_id in db with same id
		
			//check that receiver_email is an email address in your PayFlow Link account
			if($HTTP_POST_VARS['USER1']==$config->cs['payflowlink_account']){
			
			/*******************	PAYMENT VALID		*******************/
				$delay=false;//unset trigger
				$message_content="Valid Transaction\n\nThis is an automated email from your payment processing script with the details of the most recent transaction.  You should file this email for future records.  The payment WAS processed automatically as a valid transaction.";
				//------------------------------------------------------------------
				//add purchase to client account & add information to database
				$purchases=explode("|",$custom);
				$counter=1;
				$message_content.="\n\nPURCHASE VALUES\n\n";
				
				foreach($purchases as $purchase){
					//DO ACTION PER PRODUCT ID
					//UPDATE TRANSACTION VALIDITY IN DATABASE
					//----------------------------------------
					//SWITCH BASED ON PURCHASE OR SUBSCRIPTION
					$sqlarray=array();
					
					if($HTTP_POST_VARS['USER2']=="PUR"){//PURCHASE
						$add=array_push($sqlarray,"UPDATE ".$config->dt['transactions']." SET status='ACTIVE' WHERE id='$purchase';");
						$add=array_push($sqlarray,"UPDATE ".$config->dt['transactions']." SET update_timestamp='".time()."' WHERE id='$purchase';");
						$add=array_push($sqlarray,"UPDATE ".$config->dt['transactions']." SET txn_id='".$txn_id.$counter."' WHERE id='$purchase';");
						$add=array_push($sqlarray,"UPDATE ".$config->dt['transactions']." SET payer_email='".$payer_email."' WHERE id='$purchase';");
					}
					elseif($HTTP_POST_VARS['USER2']=="SUB"){//RENEWAL
						$add=array_push($sqlarray,"UPDATE ".$config->dt['transactions']." SET update_timestamp='".time()."' WHERE txn_id='$custom';");
					}
					
					$err=false;
					foreach($sqlarray as $sql){
						$result="";
						if(!$result=mysql_query($sql)){
							$err=true;
						}
					}//end sql process foreach
					
					if(!$err){//success?
						//define body for validation email
						$s="SELECT validation_go FROM ".$config->dt['settings'];
						$r=mysql_query($s);
						$v=mysql_fetch_array($r);
						$body=$v['validation_go'];
						//unset trigger
						$delay=false;
					}//end success?
					else{//PROBLEM!
						//define body for email to customer discussing wait
						$sql="SELECT validation_delay FROM ".$config->dt['settings'];
						$result=mysql_query($sql);
						while($value=mysql_fetch_array($result)){
							$body=$value['validation_delay'];
						}
					}//end problem
					
					$message_content.="$txn_id$counter\n";
					$counter++;
					
				}//END ACTION PER PRODUCT ID foreach
				
				//------------------------------------------------------------------
				//Prepare admin email
				$message_content.="\n\nPAYFLOW LINK VALUES\n\n";
				foreach($HTTP_POST_VARS as $key=>$value){
					$message_content.="$key: $value\n\n";
				}//end foreach
				$message_content.="\n\nrows=$rows";
				//pull sales address from settings
				$sql="SELECT sales_address FROM ".$config->dt['settings']."";
				$result=mysql_query($sql);
				while($value=mysql_fetch_array($result)){
					$to=$value['sales_address'];
				}
				$subject="Transaction Verified";
				mail($to, $subject, $message_content, "From: PayFlow Link Module\r\n");
				//------------------------------------------------------------------
				
			/*******************	END PAYMENT VALID		*******************/
			}//end check receiving account
		}//end if rows==0 (txn_id check)
	//------------------------------------------------------------------
	//Payment Was Not Process Due to a Problem - prepare delay email
	if($delay){
		//define body for email to customer discussing wait
		$sql="SELECT validation_delay FROM ".$config->dt['settings']."";
		$result=mysql_query($sql);
		while($value=mysql_fetch_array($result)){
			$body=$value['validation_delay'];
		}
	}
	//------------------------------------------------------------------
//////////////////////////////////////////////////////////
}//end credit_card_processed SUCCESS
else{
//////////////////////////////////////////////////////////

	/*******************	PAYMENT PROBLEM		*******************/
			
		//STEP I: TECHNICAL EMAIL TO ADMIN
			//log for manual investigation
			$message_content="TRANSACTION PROBLEM!\n\nInvalid Transaction Process Attempt\nBelow are the results of this transaction attempt for your records.  This transaction was NOT processed.\n\n\n";
			//loop through Post_Vars
			foreach($HTTP_POST_VARS as $key=>$value){
				//prepare message
				$message_content.="$key=$value\n";
			}//end for loop
			//pull sales address from settings
			$sql="SELECT sales_address FROM ".$config->dt['settings']."";
			$result=mysql_query($sql);
			while($value=mysql_fetch_array($result)){
			$to=$value['sales_address'];
			}
			$subject="Transaction Problem";
			mail($to, $subject, $message_content, "From: PayFlow Link Module\r\n");
		//STEP II: EMAIL TO USER
			//define body for email to customer discussing wait
			$sql="SELECT validation_delay FROM ".$config->dt['settings']."";
			$result=mysql_query($sql);
			while($value=mysql_fetch_array($result)){
				$body=$value['validation_delay'];
			}
		/*******************	END PAYMENT PROBLEM		*******************/
		
//////////////////////////////////////////////////////////
}//end credit_card_processed FAILURE


//------------------------------------------------------------------

//VALIDATION EMAIL TO CUSTOMER AND SALES
//pull sales address from settings
$sql="SELECT sales_address FROM ".$config->dt['settings']."";
$result=mysql_query($sql);
while($value=mysql_fetch_array($result)){
	$from=$value['sales_address'];
	$cc=$value['sales_address'];
}
/* recipients */
	$to 		= $payer_email;
/* subject */
	$subject 	= "Your Purchase | %NAME%";
	$subject	= parse($subject);
/* message */
	$message 	= parse($body);
/* additional headers */
	$headers 	= "From: $from\r\n";//from has already been defined
	$headers 	.= "Cc: $cc\r\n";//$cc has already been defined
/* send the mail */
	@mail($to, $subject, $message, $headers);
//end VALIDATION EMAIL TO CUSTOMER AND SALES

//------------------------------------------------------------------
//REDIRECT TO THANK YOU PAGE
//header("location:".$config->cs['script_url']."order/thanks.php");
redirect($config->cs['script_url']."order/thanks.php");
//------------------------------------------------------------------

//\\//\\//\\//\\//\\//\\//\\//\\ FUNCTIONS //\\//\\//\\//\\//\\//\\//\\//\\
/*
	** PARSE SUBJECT & BODY FOR CODES **
	-----------------------------------------------------
	CODES FOR SUBJECT & BODY
		%SALESEMAIL%=Sales Department Email Address
		%URL%=member area URL
		%NAME%=merchant name
		%NL%=new line
	-----------------------------------------------------
*/
function parse($code){
	global $PHP_SELF,$config;
	$code=str_replace("%SALESEMAIL%",$config->cs['sales_address'],$code);//Sales Department Email Address
	$code=str_replace("%URL%",$config->cs['script_url']."member/",$code);//Member Area URL
	$code=str_replace("%NAME%",$config->cs['title'],$code);//Merchant Name
	$code=str_replace("%NL%","\n",$code);//New Line Codes
	return $code;
}
?>